Fake AP to collect WPA key?

Hello,
since it's possible to make wifi cards act as an Access Point under Linux, I was wondering if it's possible to create a "fake" wireless network with the same ESSID as the victim's one and collect the password.

Is this possible? In theory.

Thanks,
regards

Your theory is wrong. I'll let you think about it and see if you can figure out why.

A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Would need physical access and even then if the PC does not have admin privileges you cannot obtain a saved key.

As far as I know, Windows XP only needs the ESSID to connect to the AP, and if the AP's ESSID is in its preferred network settings it will automatically connect to the one with the stronger signal. That can easily be done with a 10-15 dB antenna for the rausb0 card.

Cos the password just doesn't go from the client to the server. And it is the AP who authenticates the client, so the AP has to know the PSK.

There ya go, now that wasn't hard was it?

A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
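The point made in the reply above, as an added example that is not code from any poster in this thread: a simplified WPA2-PSK 4-way handshake in which both sides derive keys from the passphrase and exchange only nonces and MICs. The SSID, MAC addresses, passphrases and frame bodies are constructed, and the frames are stand-ins for real EAPOL-Key frames.

```python
import hashlib, hmac, os

def pmk(passphrase: str, ssid: str) -> bytes:
    # PMK = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes)
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf512(key: bytes, label: bytes, data: bytes) -> bytes:
    # 802.11i PRF: HMAC-SHA1 blocks over label || 0x00 || data || counter
    blocks = (hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
              for i in range(4))
    return b"".join(blocks)[:64]

def kck(pmk_: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    # PTK mixes the PMK with both MACs and both nonces; KCK is its first 16 bytes
    data = (min(ap_mac, sta_mac) + max(ap_mac, sta_mac)
            + min(anonce, snonce) + max(anonce, snonce))
    return prf512(pmk_, b"Pairwise key expansion", data)[:16]

def mic(kck_: bytes, frame: bytes) -> bytes:
    # WPA2 key descriptor version 2: HMAC-SHA1 truncated to 128 bits
    return hmac.new(kck_, frame, hashlib.sha1).digest()[:16]

def handshake(ap_passphrase: str, client_passphrase: str, ssid: str = "HomeNet"):
    """Return (ap_accepts_client, client_accepts_ap, passphrase_seen_on_air)."""
    ap_mac = bytes.fromhex("020000000001")    # constructed addresses
    sta_mac = bytes.fromhex("020000000002")
    anonce, snonce = os.urandom(32), os.urandom(32)
    # Message 1 (AP -> client): ANonce in the clear, no MIC.
    client_kck = kck(pmk(client_passphrase, ssid), ap_mac, sta_mac, anonce, snonce)
    # Message 2 (client -> AP): SNonce plus a MIC keyed by the client's KCK.
    msg2 = b"constructed-msg2" + snonce
    msg2_mic = mic(client_kck, msg2)
    # The AP derives its own KCK from the passphrase it holds and checks the MIC.
    ap_kck = kck(pmk(ap_passphrase, ssid), ap_mac, sta_mac, anonce, snonce)
    ap_accepts = hmac.compare_digest(mic(ap_kck, msg2), msg2_mic)
    # Message 3 (AP -> client): the AP must prove knowledge of the PSK in turn.
    # (A real AP stops here if message 2 failed; sent anyway to show the client side.)
    msg3 = b"constructed-msg3" + anonce
    msg3_mic = mic(ap_kck, msg3)
    client_accepts = hmac.compare_digest(mic(client_kck, msg3), msg3_mic)
    on_air = anonce + msg2 + msg2_mic + msg3 + msg3_mic
    return ap_accepts, client_accepts, client_passphrase.encode() in on_air

if __name__ == "__main__":
    print("real AP :", handshake("correct horse battery", "correct horse battery"))
    print("fake AP :", handshake("ap-without-the-psk", "correct horse battery"))
```

With matching passphrases both sides accept; when the AP holds a different passphrase, neither MIC verifies and the passphrase still never appears in the transmitted bytes.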